Secure WordPress Without Coding Skills

Link for this presentation:

HTML code for embedding:

Share on social media:

Is WordPress insecure? Not at all! However, an outdated WordPress installation with a weak password and poorly chosen plugins is definitely insecure.

It’s often said that “security is a process”, and the security of your own site starts with you installing the WordPress. Why should you care about security from day one, when your website is brand new and only your mom reads it? What should you do yourself, while your site grows, even if you do not (yet) have the budget to hire experts? How can you make your visitors browsing safer? How can you minimise the chance you site got hacked?

In this talk I will go over some best practices you can implement to make your website safer and why you should care about them. None of these require a single line of code, only some common sense and understanding what is right and what should be avoided as a behaviour while you manage your site.

Resources

The following resources were mentioned during the presentation or are useful additional information.

@FrancescaMarano at #wcoc is evangelizing about putting HTTPS on all websites. "There's no excuse!" Agreed! SSL is free thanks to @letsencrypt. Any host that isn't providing HTTPS for customers is doing them a disservice.